diff --git a/backend/services/mpc-service/src/api/controllers/mpc-party.controller.ts b/backend/services/mpc-service/src/api/controllers/mpc-party.controller.ts index b82f565a..515d95c0 100644 --- a/backend/services/mpc-service/src/api/controllers/mpc-party.controller.ts +++ b/backend/services/mpc-service/src/api/controllers/mpc-party.controller.ts @@ -54,7 +54,10 @@ export class MPCPartyController { /** * Participate in key generation (async) + * Note: Marked as Public for internal service-to-service calls + * TODO: Add proper service authentication (API key or service JWT) */ + @Public() @Post('keygen/participate') @HttpCode(HttpStatus.ACCEPTED) @ApiOperation({ @@ -67,7 +70,6 @@ export class MPCPartyController { type: KeygenAcceptedDto, }) @ApiResponse({ status: 400, description: 'Bad request' }) - @ApiResponse({ status: 401, description: 'Unauthorized' }) async participateInKeygen(@Body() dto: ParticipateKeygenDto): Promise { this.logger.log(`Keygen participation request: session=${dto.sessionId}, party=${dto.partyId}`); @@ -91,7 +93,10 @@ export class MPCPartyController { /** * Participate in key generation (sync - for testing) + * Note: Marked as Public for internal service-to-service calls + * TODO: Add proper service authentication (API key or service JWT) */ + @Public() @Post('keygen/participate-sync') @HttpCode(HttpStatus.OK) @ApiOperation({ @@ -119,7 +124,10 @@ export class MPCPartyController { /** * Participate in signing (async) + * Note: Marked as Public for internal service-to-service calls + * TODO: Add proper service authentication (API key or service JWT) */ + @Public() @Post('signing/participate') @HttpCode(HttpStatus.ACCEPTED) @ApiOperation({ @@ -154,7 +162,10 @@ export class MPCPartyController { /** * Participate in signing (sync - for testing) + * Note: Marked as Public for internal service-to-service calls + * TODO: Add proper service authentication (API key or service JWT) */ + @Public() @Post('signing/participate-sync') @HttpCode(HttpStatus.OK) @ApiOperation({